The wp_rokbox WordPress plugin was affected by a thumb.php src Parameter XSS security vulnerability.
exchange.xforce.ibmcloud.com/vulnerabilities/80731
packetstormsecurity.com/files/118884/
seclists.org/fulldisclosure/2012/Dec/159
www.securityfocus.com/bid/56953/